how tracking companies circumvented ad blockers using
play

How Tracking Companies Circumvented Ad Blockers Using WebSockets - PowerPoint PPT Presentation

Sep 08, 2022 •300 likes •1.11k views

How Tracking Companies Circumvented Ad Blockers Using WebSockets Muhammad Ahmad Bashir, Sajjad Arshad, Engin Kirda, William Robertson, Christo Wilson Northeastern University Online Tracking 2 Online Tracking Surge in online

  1. 
 How Tracking Companies Circumvented Ad Blockers Using WebSockets Muhammad Ahmad Bashir, Sajjad Arshad, Engin Kirda, William Robertson, Christo Wilson 
 Northeastern University

  2. Online Tracking 2

  3. Online Tracking Surge in online advertising (internet economy) • Ad networks pour in billions of dollars. • Value for their investment? • Extensive tracking to serve targeted ads. 2

  4. Online Tracking Surge in online advertising (internet economy) • Ad networks pour in billions of dollars. • Value for their investment? • Extensive tracking to serve targeted ads. User concern over tracking • Led to the proliferation of ad blocking extensions 2

  5. Online Tracking Surge in online advertising (internet economy) • Ad networks pour in billions of dollars. • Value for their investment? • Extensive tracking to serve targeted ads. User concern over tracking • Led to the proliferation of ad blocking extensions Ad networks fight back • E.g Using anti ad blocking scripts 2

  6. Google & Safari • Google evaded Safari’s third-party cookie blocking policy (Jonathan Mayer) • … by submitting a form in an invisible iFrame • Google was fined $22.5M by FTC 3

  7. This Talk How Ad Networks leveraged a bug in Chrome API to bypass Ad Blockers using WebSockets 4

  8. This Talk How Ad Networks leveraged a bug in Chrome API to bypass Ad Blockers using WebSockets 1. What caused this? 2. How this bug was leveraged by ad networks? 4

  9. Web Sockets 5

  10. Web Sockets HTTP/S 5

  11. Web Sockets request HTTP/S response 5

  12. Web Sockets request HTTP/S response Chatting App 5

  13. Web Sockets request HTTP/S response anything new? Chatting App 5

  14. Web Sockets request HTTP/S response anything new? Chatting App Web Socket 5

  15. Web Sockets request HTTP/S response anything new? Chatting App bidirectional Web Socket • Both client and server can send/receive data • This is a persistent connection 5

  16. Web Sockets request HTTP/S response anything new? Chatting App bidirectional Web Socket ws:// or wss:// • Both client and server can send/receive data • This is a persistent connection 5

  17. Ad Blockers 6

  18. Ad Blockers • Chrome extension chrome.webRequest API • Extension can inspect / modify / drop outgoing requests 6

  19. Ad Blockers • Chrome extension chrome.webRequest API • Extension can inspect / modify / drop outgoing requests webRequest API 6

  20. Ad Blockers • Chrome extension chrome.webRequest API • Extension can inspect / modify / drop outgoing requests http://cnn.com/logo.jpeg webRequest API 6

  21. Ad Blockers • Chrome extension chrome.webRequest API • Extension can inspect / modify / drop outgoing requests http://cnn.com/logo.jpeg webRequest API Usually borrowed 
 Rule List from EasyList 6

  22. Ad Blockers • Chrome extension chrome.webRequest API • Extension can inspect / modify / drop outgoing requests http://cnn.com/logo.jpeg webRequest API url Usually borrowed 
 Rule List from EasyList 6

  23. Ad Blockers • Chrome extension chrome.webRequest API • Extension can inspect / modify / drop outgoing requests http://cnn.com/logo.jpeg webRequest API url Usually borrowed 
 Rule List from EasyList 6

  24. Ad Blockers • Chrome extension chrome.webRequest API • Extension can inspect / modify / drop outgoing requests http://cnn.com/logo.jpeg webRequest API url Usually borrowed 
 Rule List from EasyList 6

  25. Ad Blockers • Chrome extension chrome.webRequest API • Extension can inspect / modify / drop outgoing requests http://cnn.com/logo.jpeg webRequest API url Usually borrowed 
 Rule List from EasyList webRequest API 6

  26. Ad Blockers • Chrome extension chrome.webRequest API • Extension can inspect / modify / drop outgoing requests http://cnn.com/logo.jpeg webRequest API url Usually borrowed 
 Rule List from EasyList http://doubleclick.com/s1.js webRequest API 6

  27. Ad Blockers • Chrome extension chrome.webRequest API • Extension can inspect / modify / drop outgoing requests http://cnn.com/logo.jpeg webRequest API url Usually borrowed 
 Rule List from EasyList url http://doubleclick.com/s1.js webRequest API 6

  28. Ad Blockers • Chrome extension chrome.webRequest API • Extension can inspect / modify / drop outgoing requests http://cnn.com/logo.jpeg webRequest API url Usually borrowed 
 Rule List from EasyList url http://doubleclick.com/s1.js webRequest API 6

  29. Ad Blockers • Chrome extension chrome.webRequest API • Extension can inspect / modify / drop outgoing requests http://cnn.com/logo.jpeg webRequest API url Usually borrowed 
 Rule List from EasyList url http://doubleclick.com/s1.js webRequest API 6

  30. AdBlock Evasion 7

  31. AdBlock Evasion • Bug in webRequest API • ws/wss requests did not trigger the API 7

  32. AdBlock Evasion • Bug in webRequest API • ws/wss requests did not trigger the API 2012 2013 2014 2016 2017 2018 2015 7

  33. AdBlock Evasion • Bug in webRequest API • ws/wss requests did not trigger the API Original bug 
 reported 2012 2013 2014 2016 2017 2018 2015 7

  34. AdBlock Evasion • Bug in webRequest API • ws/wss requests did not trigger the API Users report 
 unblocked ads Original bug 
 reported 2012 2013 2014 2016 2017 2018 2015 7

  35. AdBlock Evasion • Bug in webRequest API • ws/wss requests did not trigger the API Users report 
 Patch unblocked ads Finalized 
 Original bug 
 ( Landed) reported 2012 2013 2014 2016 2017 2018 2015 7

  36. AdBlock Evasion • Bug in webRequest API • ws/wss requests did not trigger the API Users report 
 Patch unblocked ads Finalized 
 Original bug 
 ( Landed) reported 2012 2013 2014 2016 2017 2018 2015 Chrome 58 
 released 7

  37. AdBlock Evasion • Bug in webRequest API • ws/wss requests did not trigger the API Users report 
 Patch unblocked ads Finalized 
 Original bug 
 ( Landed) reported * * * * 2012 2013 2014 2016 2017 2018 2015 Chrome 58 
 released * Represents when our crawls were done 7

  38. Data Crawling 8

  39. Data Crawling 100K websites 
 sampled from Alexa 8

  40. Data Crawling Collected chains for 100K websites 
 all included sampled from Alexa Visit 15 
 resources links / website 8

  41. This means we know Data Crawling which resource included which other resource Collected chains for 100K websites 
 all included sampled from Alexa Visit 15 
 resources links / website 8

  42. This means we know Data Crawling which resource included which other resource Collected chains for 100K websites 
 all included sampled from Alexa Visit 15 
 resources links / website Filter 
 WebSockets Filter all resources which end in 
 web sockets 8

  43. This means we know Data Crawling which resource included which other resource Collected chains for 100K websites 
 all included sampled from Alexa Visit 15 
 resources links / website Filter 
 WebSockets Filter all resources which end in 
 web sockets Mark web sockets 
 Detect A&A 
 which are used by WebSockets A&A domains A&A = Advertising and Analytics e.g. DoubleClick, Criteo, Adnxs 8

  44. This means we know Data Crawling which resource included which other resource Collected chains for 100K websites 
 all included sampled from Alexa Visit 15 
 resources links / website Filter 
 WebSockets Example Inclusion Tree pub/ Filter all resources index.html which end in 
 web sockets Mark web sockets 
 srv.ws ads/ Detect A&A 
 which are used by WebSockets script.js A&A domains ads/ frame.html A&A = Advertising and Analytics e.g. DoubleClick, Criteo, Adnxs ads/ adnet/ img_a.jpg data.ws 8

  45. This means we know Data Crawling which resource included which other resource Collected chains for 100K websites 
 all included sampled from Alexa Visit 15 
 resources links / website Filter 
 WebSockets Example Inclusion Tree pub/ Filter all resources index.html which end in 
 web sockets Mark web sockets 
 srv.ws ads/ Detect A&A 
 which are used by WebSockets script.js A&A domains WebSocket ads/ frame.html A&A = Advertising and Analytics e.g. DoubleClick, Criteo, Adnxs ads/ adnet/ img_a.jpg data.ws WebSocket 8

  46. This means we know Data Crawling which resource included which other resource Collected chains for 100K websites 
 all included sampled from Alexa Visit 15 
 resources links / website Filter 
 WebSockets Example Inclusion Tree pub/ Filter all resources index.html which end in 
 web sockets Mark web sockets 
 srv.ws ads/ Detect A&A 
 which are used by WebSockets script.js A&A domains WebSocket ads/ frame.html A&A = Advertising and Analytics e.g. DoubleClick, Criteo, Adnxs adnet/ data.ws WebSocket 8

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The Importance of Beta-Blockers in Patients with Heart Failure: A

The Importance of Beta-Blockers in Patients with Heart Failure: A

The Importance of Beta-Blockers in Patients with Heart Failure: A Resynchronization-Defibrillation for Ambulatory Heart Failure Trial (RAFT) Analysis . L. Brent Mitchell, Jean L. Rouleau, Gary E. Newton, Jonathon Howlett, Elizabeth Yetisir,

351 views • 17 slides
Association between Use of Beta-Blockers and Mortality in Patients with Heart Failure and

Association between Use of Beta-Blockers and Mortality in Patients with Heart Failure and

Association between Use of Beta-Blockers and Mortality in Patients with Heart Failure and Preserved Ejection Fraction a Prospective Propensity Score-Matched Cohort Study Lars H Lund, Lina Benson, Ulf Dahlstrm, Magnus Edner, Leif Friberg on

158 views • 13 slides
MEET THE BLOCKERS A CAST OF CHARACTERS This exercise introduces twelve characters who may be

MEET THE BLOCKERS A CAST OF CHARACTERS This exercise introduces twelve characters who may be

MEET THE BLOCKERS A CAST OF CHARACTERS This exercise introduces twelve characters who may be found in many partnerships, blocking the road to a successful outcome. Learn how to harness their characteristics to move your projects forward and

286 views • 16 slides
Drugs Used In The Management Of Atrial Fibrillation Dr Steve Murray Consultant EP &

Drugs Used In The Management Of Atrial Fibrillation Dr Steve Murray Consultant EP &

Drugs Used In The Management Of Atrial Fibrillation Dr Steve Murray Consultant EP & Cardiologist Outline of session Unfortunately individual cases cannot and will not be discussed! Beta-blockers Calcium channel blockers

508 views • 46 slides
What's next for adversarial ML? (and why ad-blockers should care) Florian Tramr EPFL July 9 th

What's next for adversarial ML? (and why ad-blockers should care) Florian Tramr EPFL July 9 th

What's next for adversarial ML? (and why ad-blockers should care) Florian Tramr EPFL July 9 th 2018 Joint work with Gili Rusak, Giancarlo Pellegrino and Dan Boneh The Deep Learning Revolution First they came for images The Deep Learning

703 views • 26 slides
Efficacy of beta-blockers in heart failure Efficacy of beta-blockers in heart failure patients

Efficacy of beta-blockers in heart failure Efficacy of beta-blockers in heart failure patients

Efficacy of beta-blockers in heart failure Efficacy of beta-blockers in heart failure patients with atrial fibrillation: patients with atrial fibrillation: An individual patient patient data meta-analysis data meta-analysis An individual

553 views • 23 slides
9/12/2019 Wichter et al ARVD Therapy 1. Beta blockers (Sotalol) 2. Amiodarone 3. Catheter

9/12/2019 Wichter et al ARVD Therapy 1. Beta blockers (Sotalol) 2. Amiodarone 3. Catheter

9/12/2019 Wichter et al ARVD Therapy 1. Beta blockers (Sotalol) 2. Amiodarone 3. Catheter ablation 4. AICD M S Marcus et al report from ARVC registry Treatment for patients with ARVC JACC 54:609 2010 Early drug trials involved small

291 views • 6 slides
Serialization, Authentication and Tracking Solution Presentation December 2016 Who we are

Serialization, Authentication and Tracking Solution Presentation December 2016 Who we are

Serialization, Authentication and Tracking Solution Presentation December 2016 Who we are INEXTO offers cutting edge brand protection, track & trace solutions to private companies, governments and consumers that are all looking for

447 views • 15 slides
Tracking by learning Arnold W.M. Smeulders Tracking Online tracking is to determine the location

Tracking by learning Arnold W.M. Smeulders Tracking Online tracking is to determine the location

Tracking by learning Arnold W.M. Smeulders Tracking Online tracking is to determine the location of one target in video starting from a bounding box in the first frame. When conceived as an instant learning problem, the task is to discriminate

651 views • 39 slides
PTrack: Enhancing the Applicability of Pedestrian Tracking with Wearables Yonghang Jiang,

PTrack: Enhancing the Applicability of Pedestrian Tracking with Wearables Yonghang Jiang,

PTrack: Enhancing the Applicability of Pedestrian Tracking with Wearables Yonghang Jiang, Zhenjiang Li, Jianping Wang Department of Computer Science City University of Hong Kong 6 Insurance companies Customer assessment Sedentary: 21 hours

376 views • 16 slides
Tracking Articulated Objects Alexander (Sasha) Lambert CS7495 Fall 2014 Tracking From Depth

Tracking Articulated Objects Alexander (Sasha) Lambert CS7495 Fall 2014 Tracking From Depth

Tracking Articulated Objects Alexander (Sasha) Lambert CS7495 Fall 2014 Tracking From Depth Infra-red point-clouds (structured light) Affordable sensors (Primesense) Large body of work on people-tracking Complex tracking

409 views • 23 slides
Tracking Catalog: Uncovering and analyzing user tracking on the Internet Tomasz Bujlow Valentn

Tracking Catalog: Uncovering and analyzing user tracking on the Internet Tomasz Bujlow Valentn

Introduction Tracking catalog Tracking mechanisms Open questions Tracking Catalog: Uncovering and analyzing user tracking on the Internet Tomasz Bujlow Valentn Carela-Espaol Pere Barlet-Ros Computer Architecture Dept. (DAC) UPC

581 views • 10 slides
Eye Tracking and Topics EMA in Computer Eye tracking definition Science Eye tracker

Eye Tracking and Topics EMA in Computer Eye tracking definition Science Eye tracker

Eye Tracking and Topics EMA in Computer Eye tracking definition Science Eye tracker history Eye tracking theory Computer Literacy 1 Lecture 23 Different kinds of eye trackers 11/11/2008 Electromagnetic Articulography (EMA)

459 views • 6 slides
Tracking - VSO Framework Tracking Status Controlling Actions 100% Configuring Actions Device

Tracking - VSO Framework Tracking Status Controlling Actions 100% Configuring Actions Device

Tracking - VSO Framework Tracking Status Controlling Actions 100% Configuring Actions Device List 0% Device handling View drawing 100% Federico Tessmann Test-Tracking - Orchestra VSO- VSOUI Tracking VSO- Orchestra VSOAudio

76 views • 7 slides
8. Pharmacological Management Neurohormonal deactivation 1. A drenaline Beta Blockers Dose

8. Pharmacological Management Neurohormonal deactivation 1. A drenaline Beta Blockers Dose

8. Pharmacological Management Neurohormonal deactivation 1. A drenaline Beta Blockers Dose Side Effects Monitoring Neurohormonal Deactivation 2. A ngiotensin II ACE Inhibition Dose Side Effects Monitoring ARNI Angiotensin

624 views • 30 slides
Video Object Tracking Real-time tracking of objects in video is an important problem in various

Video Object Tracking Real-time tracking of objects in video is an important problem in various

Tracking Objects Better, Faster, Longer Assoc. Prof. Dr. Alptekin Temizel atemizel@metu.edu.tr Graduate School of Informatics, METU 18 March 2015 GPU Technology Conference Video Object Tracking Real-time tracking of objects in video is an

472 views • 19 slides
Injection Attacks and Memory Safety Nicholas Weaver based on David Wagners slides from Sp

Injection Attacks and Memory Safety Nicholas Weaver based on David Wagners slides from Sp

Computer Science 161 Fall 2016 Nicholas Weaver Injection Attacks and Memory Safety Nicholas Weaver based on David Wagners slides from Sp 2016 1 Administrivia Computer Science 161 Fall 2016 Nicholas Weaver You really really really

944 views • 50 slides
ECE 550D Fundamentals of Computer Systems and Engineering Fall 2016 Pipelines Tyler Bletsch

ECE 550D Fundamentals of Computer Systems and Engineering Fall 2016 Pipelines Tyler Bletsch

ECE 550D Fundamentals of Computer Systems and Engineering Fall 2016 Pipelines Tyler Bletsch Duke University Slides are derived from work by Andrew Hilton (Duke) and Amir Roth (Penn) Clock Period and CPI Single-cycle datapath Low CPI:

965 views • 60 slides
Hacking Jenkins! Orange Tsai Orange Tsai Come from Taiwan Principal security researcher

Hacking Jenkins! Orange Tsai Orange Tsai Come from Taiwan Principal security researcher

Hacking Jenkins! Orange Tsai Orange Tsai Come from Taiwan Principal security researcher at DEVCORE Speaker at Black Hat US/ASIA , DEFCON , HITB , CODEBLUE CTF player (Captain of HITCON CTF team and member of 217 ) Bounty

1.32k views • 103 slides
Network stack challenges at increasing speeds The 100Gbit/s challenge Jesper Dangaard Brouer

Network stack challenges at increasing speeds The 100Gbit/s challenge Jesper Dangaard Brouer

Network stack challenges at increasing speeds The 100Gbit/s challenge Jesper Dangaard Brouer Red Hat inc. LinuxCon North America, Aug 2015 1/39 Challenge: 100Gbit/s around the corner Overview Understand 100Gbit/s challenge and time

784 views • 45 slides
Host Ambiguities Host of Troubles: Multiple Ho in HTTP Implementations Jianjun Chen , Jian Jiang,

Host Ambiguities Host of Troubles: Multiple Ho in HTTP Implementations Jianjun Chen , Jian Jiang,

Host Ambiguities Host of Troubles: Multiple Ho in HTTP Implementations Jianjun Chen , Jian Jiang, Haixin Duan, Nicholas Weaver, Tao Wan, Vern Paxson 1 Multiparty interactions in current Internet Website Transparent Firewall Forward Browser

731 views • 33 slides
NetGAN without GAN: From Random Walks to Low-Rank Approximations Luca Rendsburg, Holger Heidrich,

NetGAN without GAN: From Random Walks to Low-Rank Approximations Luca Rendsburg, Holger Heidrich,

NetGAN without GAN: From Random Walks to Low-Rank Approximations Luca Rendsburg, Holger Heidrich, Ulrike von Luxburg ICML 2020 1 3 Input 1 8 1 4 1 1 5 6 9 1 2 1 7 1 9 } 3 1 } NetGAN: Generating Graphs via Random Walks 1 8

2.88k views • 67 slides
Better Buildings Webinar Series Well be starting in just a few minutes. Tell us What

Better Buildings Webinar Series Well be starting in just a few minutes. Tell us What

Better Buildings Webinar Series Well be starting in just a few minutes. Tell us What topics are you interested in for future webinars? Please send your response to the webinar organizers via the question box. 1 Solutions for Small-

914 views • 47 slides
Computer Systems Research Daniel A. Jimnez Department of Computer Science & Engineering

Computer Systems Research Daniel A. Jimnez Department of Computer Science & Engineering

Machine Learning in Computer Systems Research Daniel A. Jimnez Department of Computer Science & Engineering Texas A&M University What Is This? Improving computer systems with machine learning Computer systems: Architecture /

594 views • 26 slides

More recommend